By default, Headwind MDM uses the following ports:
Port 8080 for unsecure HTTP connections (not recommended to use because plain HTTP is not secure);
Port 8443 for secure HTTPS connections;
Port 31000 for Push messages delivery through MQTT protocol.
HTTP port 80 is used by LetsEncrypt to renew the HTTPS certificates.
To enable work of Headwind MDM over HTTPS behind a firewall, you must forward the following ports:
External:80 -> Internal:80
External:443 -> Internal:8443
External:31000 -> Internal:31000
You must also do the following to make Headwind MDM work well behind a firewall:
1. Update the MQTT socket which Headwind MDM binds to, see this article: https://qa.h-mdm.com/1714/
2. Make sure that HTTP requests to the external IP address or domain name are available from the server on which Headwind MDM is installed. Headwind MDM web panel uses HTTP requests to itself (to generate QR codes).